Privacy Policy
Introduction and Applicability
This Privacy Policy outlines how your personal data is collected, used, and protected across our website, mobile applications, and related services. It applies to all users worldwide unless local law provides different protections. Our commitment is to maintain transparency, empower your choices, and comply with applicable data protection laws. Continued use of our services constitutes acceptance of this policy.
Categories of Personal Data
We collect various categories of data, including identification details (name, contact information), transactional data (purchase history), and technical data (IP address, device type). We may also gather profile data, such as preferences and interests. Sensitive data—such as health or biometric information—is neither collected nor processed. All data collection is limited to what is necessary for specified purposes.
Sources of Data
Data is obtained directly from you when you register, subscribe, or interact with customer support. We also collect data from automated sources like cookies, server logs, and analytics tools. Additionally, we may receive information from third-party integrations if you link external accounts. We do not purchase personal data from data brokers.
Purposes of Processing
Personal data is processed to facilitate service delivery, personalize user experience, process transactions, and communicate updates. We also use data for fraud detection, compliance monitoring, and internal analytics. Aggregated and pseudonymized data may be used for research and product development. Each processing activity aligns with a legitimate business objective.
Lawful Bases
Our legal grounds for data processing include your consent, contractual necessity, legal obligations, and legitimate interests. Consent is obtained explicitly where needed, and you may withdraw it at any time. Contract necessity covers order fulfilment and customer support. Legitimate interests include improving user experience and protecting against misuse.
Data Sharing Practices
We share personal data only with third-party service partners—such as hosting providers, payment processors, and analytics vendors—under strict contractual safeguards. No personal data is sold or shared for third-party marketing without your consent. We may disclose data to comply with legal requests or to protect our rights. All transfers are governed by appropriate data protection agreements.
International Transfers and Safeguards
Our operations may involve transferring data across international borders. To protect your data, we utilize standard contractual clauses, binding corporate rules, or other approved mechanisms. We ensure that recipients uphold data protection obligations equivalent to those in your jurisdiction. You can request information about these safeguards.
Data Retention and Deletion
We retain personal data only for as long as necessary to fulfil the purposes in this policy or comply with legal requirements. Retention periods are defined based on data type and business needs. Once data is no longer needed, it is securely deleted, destroyed, or anonymized. Backup systems may hold data briefly for recovery purposes.
Security and Integrity
We implement robust security controls—including encryption, multi-factor authentication, intrusion detection, and physical safeguards—to protect your data. Staff access is strictly controlled and audited regularly. Security policies and incident response procedures are in place to handle potential breaches. Despite all measures, no system is impervious to risk.
Your Rights
Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing of your personal data. You may also have the right to data portability. To exercise any right, submit a request via our support channels. We will respond within the timeframes mandated by applicable law.
Children’s Privacy
Our services are not intended for individuals under the age of 13. We do not knowingly collect personal data from children without parental consent. If we discover that data from a child has been collected without proper authorization, we will promptly delete that information. Parents may contact us to ensure deletion of any such data.
Automated Decision-Making
In certain circumstances, we may use automated tools to process data and make decisions—such as fraud detection or content recommendations. We ensure that any automated decisions comply with applicable laws and include human oversight where required. You have the right to request human review of significant decisions made solely by automated means.
Policy Changes
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Each update will be indicated by a new “Last Updated” date. Significant changes will be communicated via in-app notifications or prominent website notices. Continued use after changes signifies your acceptance of the updated policy.
